[Bug 90085] Re: When /tmp is mounted noexec, preconfigure fails
John Paul Adrian Glaubitz
glaubitz at physik.fu-berlin.de
Sat Jan 3 13:09:28 UTC 2015
> Please let the user decide if using a /tmp noexec mount point is more
secure or not.
That doesn't even make sense. It's a fact that mounting /tmp with
"noexec" doesn't give you any extra security simply because you can
simply circumvent it by invoking the executable with the help of the
dynamic Linux loader.
Anyone who wants to run an exploit can just run "lib64/ld-
linux-x86-64.so.2 /tmp/bla" instead of just "/tmp/bla" and it will just
work. For scripts, you just invoke them through their interpreter.
Adrian
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to debconf in Ubuntu.
https://bugs.launchpad.net/bugs/90085
Title:
When /tmp is mounted noexec, preconfigure fails
Status in debconf package in Ubuntu:
Triaged
Status in debconf package in Debian:
Confirmed
Bug description:
Binary package hint: mysql-server
/tmp mounted noexec, this ensues:
Preconfiguring packages ...
Can't exec "/tmp/mysql-server-5.0.config.89611": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/mysql-server-5.0.config.89611 configure failed at /usr/share/perl5/Debconf/ConfModule.pm line 57
mysql-server-5.0 failed to preconfigure, with exit status 2
ace
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debconf/+bug/90085/+subscriptions
More information about the foundations-bugs
mailing list